<?php
class AuthFilter extends CFilter{
	protected function preFilter($filterChain)
    {
       	$auths=Yii::app()->params['auth'];
       	$user_auth=Yii::app()->session['auth'];
       	$con_id=$filterChain->controller->getId();
       	$act_id=$filterChain->controller->action->id;
       	$default_operation=Yii::app()->params['auth_operation'];
       	foreach($auths as $key=>$val){
       		if(isset($val[$con_id])){
       			$contr_code=$val[$con_id]['code'];
       			if(isset($val[$con_id]['default_operation'])&&$val[$con_id]['default_operation'])
       				$operation=$default_operation;
       			else
       				$operation=$val[$con_id]['operation'];
       			foreach($operation as $n=>$v){
       				if($v[1]==$act_id){
       					$act_code=$n;
       					break;
       				}
       			}	
       			break;		
       		}
       	}
       	if(isset($contr_code)&&isset($act_code)){//此操作存在code
       		$code=$contr_code.$act_code;
       		if(!in_array($code,$user_auth)){
       			$filterChain->controller->redirect(array('site/to_close','message'=>'1'));
    			return false;
       		}
       	}
       	return true;
    }
 
    protected function postFilter($filterChain)
    {
        // logic being applied after the action is executed
    }
	
}
?>